go
/
ws
1
0
Fork 0
Code Issues Pull Requests Releases 1 Wiki Activity

manage invalid read size + minmod

This commit is contained in:
xdrm-brackets 2018-05-06 14:45:38 +02:00
parent 75f568a1ec
commit 26864aab55
1 changed files with 20 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
ws/message.go
View File

@ -59,8 +59,9 @@ func readMessage(reader io.Reader) (*Message, error){
/* (2) Byte 1: FIN and OpCode */ /* (2) Byte 1: FIN and OpCode */
tmpBuf = make([]byte, 1) tmpBuf = make([]byte, 1)
_, err = reader.Read(tmpBuf) nbr, err := reader.Read(tmpBuf)
if err != nil { return nil, err } if err != nil { return m, err }
if nbr < 1 { return m, io.EOF }
m.Final = bool( tmpBuf[0] & 0x80 == 0x80 ) m.Final = bool( tmpBuf[0] & 0x80 == 0x80 )
@ -68,8 +69,9 @@ func readMessage(reader io.Reader) (*Message, error){
/* (3) Byte 2: Mask and Length[0] */ /* (3) Byte 2: Mask and Length[0] */
tmpBuf = make([]byte, 1) tmpBuf = make([]byte, 1)
_, err = reader.Read(tmpBuf) nbr, err = reader.Read(tmpBuf)
if err != nil { return nil, err } if err != nil { return m, err }
if nbr < 1 { return m, io.EOF }
// if mask, byte array not nil // if mask, byte array not nil
if tmpBuf[0] & 0x80 == 0x80 { if tmpBuf[0] & 0x80 == 0x80 {
@ -83,16 +85,18 @@ func readMessage(reader io.Reader) (*Message, error){
if m.Size == 127 { if m.Size == 127 {
tmpBuf = make([]byte, 8) tmpBuf = make([]byte, 8)
_, err := reader.Read(tmpBuf) nbr, err := reader.Read(tmpBuf)
if err != nil { return nil, err } if err != nil { return m, err }
if nbr < 8 { return m, io.EOF }
m.Size = uint( binary.BigEndian.Uint64(tmpBuf) ) m.Size = uint( binary.BigEndian.Uint64(tmpBuf) )
} else if m.Size == 126 { } else if m.Size == 126 {
tmpBuf = make([]byte, 2) tmpBuf = make([]byte, 2)
_, err := reader.Read(tmpBuf) nbr, err := reader.Read(tmpBuf)
if err != nil { return nil, err } if err != nil { return m, err }
if nbr < 2 { return m, io.EOF }
m.Size = uint( binary.BigEndian.Uint16(tmpBuf) ) m.Size = uint( binary.BigEndian.Uint16(tmpBuf) )
@ -102,8 +106,9 @@ func readMessage(reader io.Reader) (*Message, error){
if mask != nil { if mask != nil {
tmpBuf = make([]byte, 4) tmpBuf = make([]byte, 4)
_, err := reader.Read(tmpBuf) nbr, err := reader.Read(tmpBuf)
if err != nil { return nil, err } if err != nil { return m, err }
if nbr < 4 { return m, io.EOF }
mask = make([]byte, 4) mask = make([]byte, 4)
copy(mask, tmpBuf) copy(mask, tmpBuf)
@ -113,11 +118,6 @@ func readMessage(reader io.Reader) (*Message, error){
/* (6) Read payload by chunks */ /* (6) Read payload by chunks */
m.Data = make([]byte, int(m.Size)) m.Data = make([]byte, int(m.Size))
// If empty payload
if m.Size <= 0 {
return m, nil
}
cursor = 0 cursor = 0
// {1} While we have data to read // // {1} While we have data to read //
@ -126,7 +126,7 @@ func readMessage(reader io.Reader) (*Message, error){
// {2} Try to read (at least 1 byte) // // {2} Try to read (at least 1 byte) //
nbread, err := io.ReadAtLeast(reader, m.Data[cursor:m.Size], 1) nbread, err := io.ReadAtLeast(reader, m.Data[cursor:m.Size], 1)
if err != nil { if err != nil {
return nil, err return m, err
} }
// {3} Unmask data // // {3} Unmask data //
@ -145,11 +145,13 @@ func readMessage(reader io.Reader) (*Message, error){
} }
// return error if unmasked frame // return error if unmasked frame
// we have to fully read it for read buffer to be clean
err = nil
if mask == nil { if mask == nil {
return nil, UnmaskedFrameErr err = UnmaskedFrameErr
} }
return m, nil return m, err
} }